Severity
Critical
Description
Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Suggestion
Publish the git dependency to npm or a private package repository and consume it from there.
Packages with this alert
Collection of reusable scripts for 10up development.
LDAP auth middleware for 4front platform.